Follow these steps to get the add-on installed on your system:
- Navigate in your Home Assistant frontend to Supervisor -> Add-on Store.
- Find the "Mosquitto broker" add-on and click it.
- Click on the "INSTALL" button.
The add-on has a couple of options available. To get the add-on running:
- Start the add-on.
- Have some patience and wait a couple of minutes.
- Check the add-on log output to see the result.
Create a new user for MQTT via your Home Assistant's frontend Configuration -> Users (manage users) , (i.e. not on Mosquitto's Configuration tab). Notes:
- This name cannot be
homeassistantoraddons, those are reserved usernames. - If you do not see the option to create a new user, ensure that Advanced Mode is enabled in your Home Assistant profile.
To use the Mosquitto as a broker, go to the integration page and install the configuration with one click:
- Navigate in your Home Assistant frontend to Configuration -> Integrations.
- MQTT should appear as a discovered integration at the top of the page
- Select it and check the box to enable MQTT discovery if desired, and hit submit.
If you have old MQTT settings available, remove this old integration and restart Home Assistant to see the new one.
Add-on configuration:
logins: []
customize:
active: false
folder: mosquitto
certfile: fullchain.pem
keyfile: privkey.pem
require_certificate: falseA list of local users that will be created with username and password. You don’t need to do this because you can use Home Assistant users too, without any configuration. If a local user is specifically desired:
logins:
- username: user
password: passwdIf set to true additional configuration files will be read, see the next option.
Default value: false
The folder to read the additional configuration files (*.conf) from.
A file containing a root certificate. Place this file in the Home Assistant ssl folder.
A file containing a certificate, including its chain. Place this file in the Home Assistant ssl folder.
A file containing the private key. Place this file in the Home Assistant ssl folder.
If set to true encryption will be enabled using the cert- and keyfile options.
If set to true turns on debug logging for mosquitto and its auth plugin. This an help when tracking down an issue however running with this long term is not recommended as sensitive information will be logged.
This add-on is attached to the Home Assistant user system, so MQTT clients can make use of these credentials. Local users may also still be set independently within the configuration options for the add-on. For the internal Home Assistant ecosystem, we register homeassistant and addons, so these may not be used as user names.
Remove the ports from the add-on page network card (set them as blank) to disable them.
It is possible to restrict access to topics based upon the user logged in to Mosquitto. In this scenario, it is recommended to create individual users for each of your clients and create an appropriate ACL.
See the following links for more information:
Add the following configuration to enable unrestricted access to all topics for [YOUR_MQTT_USER].
Note: Home Assistant expects the users homeassistant and addons to have unrestricted readwrite access to all topics. If you choose to enable ACLs, you should grant this access to these users as demonstrated below. Otherwise you will run into issues.
-
Enable the customize flag
customize: active: true folder: mosquitto
-
Create
/share/mosquitto/acl.confwith the contents:acl_file /share/mosquitto/accesscontrollist -
Create
/share/mosquitto/accesscontrollistwith the contents:user addons topic readwrite # user homeassistant topic readwrite # user [YOUR_MQTT_USER] topic readwrite #
The /share folder can be accessed via SMB, or on the host filesystem under /usr/share/hassio/share.
Got questions?
You have several options to get them answered:
- The Home Assistant Discord Chat Server.
- The Home Assistant Community Forum.
- Join the Reddit subreddit in /r/homeassistant
In case you've found a bug, please open an issue on our GitHub.